OIDC Userinfo Endpoint Support

Signed-off-by: Stephen Crawford <[email protected]>
stephen-crawford · Aug 20, 2024 · 37c62b1 · 37c62b1
1 parent f386adf
commit 37c62b1
Showing 1 changed file with 16 additions and 4 deletions.
diff --git a/src/test/java/com/amazon/dlic/auth/http/jwt/keybyoidc/MockIpdServer.java b/src/test/java/com/amazon/dlic/auth/http/jwt/keybyoidc/MockIpdServer.java
@@ -18,14 +18,17 @@
 import java.net.Socket;
 import java.security.GeneralSecurityException;
 import java.security.KeyStore;
+import java.text.ParseException;
 import javax.net.ssl.KeyManagerFactory;
 import javax.net.ssl.SSLContext;
 import javax.net.ssl.SSLParameters;
 import javax.net.ssl.TrustManagerFactory;
 
+import com.nimbusds.jwt.JWTClaimsSet;
 import org.apache.hc.core5.function.Callback;
 import org.apache.hc.core5.http.ClassicHttpRequest;
 import org.apache.hc.core5.http.ClassicHttpResponse;
+import org.apache.hc.core5.http.ContentType;
 import org.apache.hc.core5.http.Header;
 import org.apache.hc.core5.http.HttpEntity;
 import org.apache.hc.core5.http.HttpException;
@@ -157,8 +160,8 @@ protected void handleDiscoverRequest(HttpRequest request, ClassicHttpResponse re
         );
     }
 
-    protected void handleUserinfoRequest(HttpRequest request, ClassicHttpResponse response, HttpContext context) throws HttpException,
-        IOException {
+    protected void handleUserinfoRequestUnencrypted(HttpRequest request, ClassicHttpResponse response, HttpContext context) throws HttpException,
+            IOException, ParseException {
 
         Header[] headers = request.getHeaders("Authorization");
         String requestToken;
@@ -169,11 +172,20 @@ protected void handleUserinfoRequest(HttpRequest request, ClassicHttpResponse re
             if (authHeaderValue.startsWith("Bearer")) {
                 requestToken = authHeaderValue.substring(7).trim();
             }
+            else {
+                response.setCode(401);
+                return;
+            }
         } else {
-            response.setCode(401);
-            return;
+           response.setCode(401);
+           return;
         }
+
+        JWTClaimsSet claims = JWTClaimsSet.parse(requestToken);
         response.setCode(200);
+        response.setHeader("content-type", ContentType.APPLICATION_JSON);
+        response.setEntity(new StringEntity());
+
     }
 
     protected void handleKeysRequest(HttpRequest request, ClassicHttpResponse response, HttpContext context) throws HttpException,